I’ve been playing around with my HP ProCurve 2524 (J4813A) managed 24-port 10/100 switch today. The CLI interface is very functional and Cisco-like. It even supports CDP. You can do ‘show run’ to view your config just like in IOS. One thing I like better than Cisco IOS is that even in the configure context you can still have full access to all the ‘show’ commands. I wish IOS did that. There is the IOS-like ‘no …..’ at the front of a configuration line to remove/negate that particular configuration line.
The VLAN configuration is very straightforward. There is no switch-port ACLs like on a Nortel Baystack but not necessary if using full 802.1Q VLANs. Unlike the Baystacks, you can reconfigure VLANs on the fly without having to change any of the settings on the monitoring (mirror) port. The monitoring port can either monitor 1 VLAN, or any number of physical ports. This functionality works quite well. If you had a VLAN which you wanted to have strict control of Internet access to you could have something like this:
untagged 3 tagged 23 tagged 24 end
For this scenario –
Port 3 has the ‘computer room 3’ switch hanging off it
Port 23 is Internet gateway/router
Port 24 is the DHCP server
You would just say:
(login) configure vlan 3 no tagged 23
…and then voila – room 3 has no Internet but still has DHCP. You could verify this with a ‘show vlan 3’.
On the topic of DHCP you can have a different DHCP scope for each VLAN by using Intel Proset tools on the DHCP box. Just have a virtual interface on each VLAN and serve a scope to each one. I did that in testing today – worked beautifully. I setup CommTraffic today and played with it in conjunction with VLANs. It worked fine. CommTraffic has all the makings of a good program and it has accurate reporting, but it was just too inflexible in its reporting. There was no easy way to clear the totals, and it annoyed me by seemingly only computing traffic on a per-host basis. Where is the totals for each VLAN? I’d look elsewhere for a tool (possibly still Windows-based) that has better reporting, and probably a more sturdy logging database. Something that dumps to a mysql database would be nice. I think making use of SNMP functionality would be beneficial.